Instructions

ZOOM IN by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.

MOVE the page around when zoomed in by dragging it.

ADJUST the zoom using the slider on the top right.

ZOOM OUT by clicking on the zoomed-in page.

SEARCH by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues
respectively.

PRINT by clicking on thumbnails to select pages, and then press the
print button.

SHARE this publication and page.

ROTATE PAGE allows you to turn pages 90 degrees clockwise or counterclockwise.Click on the page to return to the original orientation. To zoom in on a rotated page, return the page to its original orientation, zoom in, and
then rotate it again.

CONTENTS displays a table of sections with thumbnails and descriptions.

ALL PAGES displays thumbnails of every page in the issue. Click on
a page to jump.

218 • THE AUSTRALIAN LOCAL GOVERNMENT YEARBOOK EDITION 24
SECURITY
Essential Eight
Strategy
What is it?
Why use it?
Application whitelisting
A whitelist only allows software that
has been approved by the system
administrator to run on computers.
All other software applications are
stopped, including malware.
Patch applications
A patch fixes security vulnerabilities in
software applications.
Adversaries will use known security
vulnerabilities to target computers.
Restrict administrative privileges
Only use administrator privileges for
managing systems, installing legitimate
software and applying software patches.
These should be restricted to only those
that need them.
Admin accounts are the 'keys to
the kingdom'; adversaries use these
accounts for full access to information
and systems.
Patching operating systems
A patch fixes security vulnerabilities in
operating systems.
Adversaries will use known security
vulnerabilities to target computers.
Disable untrusted Microsoft Office
macros
Microsoft Office applications can use
software known as 'macros' to automate
routine tasks.
Macros are increasingly being used
to enable the download of malware.
Adversaries can then access sensitive
information, so macros should be
secured or disabled.
User application hardening
Block web browser access to Adobe
Flash player (uninstall if possible), web
advertisements and untrusted Java code
on the internet.
Flash, Java and web ads have long been
popular ways to deliver malware to
infect computers.
Multi-factor authentication
This is when a user is only granted access
after successfully presenting multiple,
separate pieces of evidence, typically:
• something you know, like a
passphrase
• something you have, like a physical token
• and/or something you are, like
biometric data.
Having multiple levels of authentication
makes it a lot harder for adversaries to
access your information.
Daily backup of important data
Regularly backup all data and store it
securely offline.
Your organisation can access data again
if it suffers a cyber security incident.